Logo Header Menu

Over a quarter of cyber security incidents related to Covid-19 — NCSC

The National Cyber Security Centre (NCSC) has released its annual review, which has revealed over a quarter of cyber security incidents to be related to Covid-19 Over a quarter of cyber security incidents related to Covid-19 — NCSC image

According to findings from the NCSC, a record number of cyber security incidents occurred between September 2019 and August 2020, with 723 serious incidents being handled, and over 200 of these being related to Covid-19.

Major targets for threat actors throughout the pandemic have included employees working from home, with potentially substandard security, and academic institutions, to which the NCSC recommended a ‘defence in depth’ strategy.

Covid-19-related phishing emails regarding the Coronavirus Job Retention Scheme, claiming to be from HMRC, were also commonly found by UK businesses.

Additional cyber incidents handled by the NCSC include attacks from state-sponsored hackers, attempting to breach information about a potential vaccine being produced in the UK, and bogus emails claiming to be from health authorities providing important updates.

Forrester releases privacy and cyber security predictions for 2021

Forrester has released its predictions for what 2021 will hold for the privacy and cyber security landscapes. Read here

Mark Nicholls, CTO of Redscan, believes that universities and research institutions, particularly those that are working on vaccines, should be ensuring that cyber security teams get the support they need.

“Work to develop a Covid-19 vaccine is the latest in a long line of world-changing research projects undertaken by UK universities and other organisations,” said Nicholls. “As we head into a second lockdown, this new NCSC report should really focus minds on the need to secure important research and IP against the latest cyber threats, including state-sponsored attacks. The cost of failing to protect scientific research is immeasurable.

“Our research shows that a large number of universities don’t deliver cyber security training to staff and students, nor commission independent penetration testing. These are foundational elements of every security program and key to helping prevent data breaches.

“Even at this time of intense budgetary pressure, institutions need to ensure that their cyber security teams receive the support they need to defend against sophisticated adversaries. Breaches have the potential to seriously impact organisations’ reputation and funding.”

More resilience needed

Following research from Barracuda Networks that concludes that another spike in cyber attacks could occur this month, Chris Ross, Barracuda’s senior vice-president of sales, international, has called for organisations to be more resilient.

How to adopt a state of sustainable cyber resilience

Dirk Schrader, cyber resilience architect at Greenbone Networks, explores how to adopt sustainable cyber resilience to protect critical infrastructure from cyber threats. Read here

“Professional cyber hackers have attempted to infiltrate healthcare organisations since the start of the Covid-19 outbreak, and due to these circumstances, it is more important than ever to protect confidential patient information or even research data, from opportunistic cyber attackers,” said Ross.

“As the UK goes into another lockdown, criminals will continue to exploit the pandemic, and most likely target vaccine research facilities once again. Therefore, every organisation must ensure they have resilient cyber security this time around.

“Barracuda researchers saw three main types of phishing attacks using Covid-19 themes at the beginning of the last national lockdown — scamming, brand impersonation, and business email compromise. Barracuda Sentinel detected 467,825 spear-phishing email attacks through March, and it is possible that another spike like this may occur throughout November.

“Scams that endeavour to extract important updates are often very sophisticated and convincing spear-phishing attacks, which are designed to trick individual employees into a false sense of security, before convincing them to willingly hand-over their own private or company data. Tackling this problem and keeping information secure requires robust policies and an overhaul of staff training, and highly sophisticated email inbox defence security which also leverages artificial intelligence, in order to identify and block hacking attempts before they even reach the recipient.”

This article is tagged with: Covid-19, Cyber Attacks, NCSC

Sign up for Information Age Newsletters

Latest news

divider
Data Analytics & Data Science
What organisations should expect next in the evolution of data

What organisations should expect next in the evolution of data

4 December 2020 / Unprecedented. Extraordinary. Unforeseen. As well as rewriting the rules of life and work as we [...]

divider
Cybersecurity
How to handle the long-term impact of Covid-19 on cloud security

How to handle the long-term impact of Covid-19 on cloud security

3 December 2020 / The repercussions of the Covid-19 pandemic has been felt by all businesses across the globe. [...]

divider
Research
2028 to mark revenue ‘tipping point’ towards tech, say European firms

2028 to mark revenue ‘tipping point’ towards tech, say European firms

3 December 2020 / European business leaders and employees cited the ownership of processes around revenue generation and increasing [...]

divider
Business Skills
Building a tech business from scratch in a data-driven world

Building a tech business from scratch in a data-driven world

2 December 2020 / Paul Evans is the CEO of Redstor, an international SaaS and tech business with a [...]

divider
Research
5G networks found to be up to 90% more energy efficient than 4G

5G networks found to be up to 90% more energy efficient than 4G

2 December 2020 / The 4G and 5G energy efficiency research from Nokia and Telefónica focused on the power [...]

divider
People Moves
Zylo appoints new CTO and CRO in Tim Horoho and Bob Grewal

Zylo appoints new CTO and CRO in Tim Horoho and Bob Grewal

1 December 2020 / As Zylo looks to continue scaling its SaaS operations, with plans to double its workforce [...]

divider
Data Analytics & Data Science
Why the insurance industry is ready for a data revolution

Why the insurance industry is ready for a data revolution

1 December 2020 / Insurance is in many ways an antiquated industry that has seen little change in decades. [...]

divider
Major Contracts
Mindtree and Databricks partner to offer advanced data intelligence

Mindtree and Databricks partner to offer advanced data intelligence

1 December 2020 / The new partnership between Mindtree and Databricks will look to support use of the Databricks [...]

divider
Cloud & Edge Computing
Enterprise companies shifting to cloud hiring software during Covid-19

Enterprise companies shifting to cloud hiring software during Covid-19

1 December 2020 / In response to the ongoing Covid-19 global pandemic, many enterprise companies have begun making the [...]

Do NOT follow this link or you will be banned from the site!

Pin It on Pinterest